Sonarqube

1. Introduction
2. Analyzing Code with SonarQube
3. Integrations
4. SonarQube on Kubernetes
   1. GCP Kubernetes
5. SonarQube Scanners

Introduction

• wikipedia: SonarQube
• Sonarqube.org
• Dzone: Why SonarQube
• thenewstack.io: How to Install the SonarQube Security Analysis Platform

Analyzing Code with SonarQube

• Dzone: How to quickly get started with Sonar
• Dzone: How to analyze your code quality in 10 minutes
• Dzone: Sonarqube scanning in 15 minutes
• Dzone: Quick start with sonarqube for static code analysis
• Dzone.com: Code Analysis Part 1 - Analyzing Code with SonarQube
• Dzone.com: Code Analysis Part 2 - Analyzing Code with SonarQube
• navsinghoberoi.medium.com: Configure Sonarqube to analyse health of a project
• thenewstack.io: How to Analyze Code and Find Vulnerabilities with SonarQube
• itnext.io: SonarQube: running tests from Jenkins Pipeline in Docker

Integrations

• sonarqube.org: Bitbucket integration Eliminate Bugs and Vulnerabilities in your Bitbucket repositories
• Dzone: SonarCloud integration with SpringBoot Maven

SonarQube on Kubernetes

• Running SonarQube on Kubernetes
• Katacoda.com: SonarQube on Kubernetes
• hub.helm.sh/charts/oteemo/sonarqube
• youtube: Installation of Sonarqube on Kubernetes/Minikube
  • github ref1
  • github ref2

GCP Kubernetes

• click-to-deploy/sonarqube
• Installing SonarQube on GCP using Kubernetes

SonarQube Scanners

• SonarQube Scanner Overview
  • Gradle - SonarScanner for Gradle
  • MSBuild - SonarScanner for MSBuild
  • Maven - use the SonarScanner for Maven
  • Jenkins - SonarScanner for Jenkins. SonarQube plugin for Jenkins with declarative pipeline 🌟
  • Azure DevOps - SonarQube Extension for Azure DevOps
  • Ant - SonarScanner for Ant
  • anything else (CLI) - SonarScanner